(ctx context.Context, req *adminv1.ProvisionRequest)
| 17 | ) |
| 18 | |
| 19 | func (s *Server) Provision(ctx context.Context, req *adminv1.ProvisionRequest) (*adminv1.ProvisionResponse, error) { |
| 20 | observability.AddRequestAttributes(ctx, |
| 21 | attribute.String("args.deployment_id", req.DeploymentId), |
| 22 | attribute.String("args.type", req.Type), |
| 23 | attribute.String("args.name", req.Name), |
| 24 | ) |
| 25 | |
| 26 | // If the deployment ID is not provided, attempt to infer it from the access token. |
| 27 | claims := auth.GetClaims(ctx) |
| 28 | if req.DeploymentId == "" { |
| 29 | if claims.OwnerType() == auth.OwnerTypeDeployment { |
| 30 | req.DeploymentId = claims.OwnerID() |
| 31 | } else { |
| 32 | return nil, status.Error(codes.InvalidArgument, "missing deployment_id") |
| 33 | } |
| 34 | } |
| 35 | |
| 36 | depl, err := s.admin.DB.FindDeployment(ctx, req.DeploymentId) |
| 37 | if err != nil { |
| 38 | return nil, err |
| 39 | } |
| 40 | |
| 41 | proj, err := s.admin.DB.FindProject(ctx, depl.ProjectID) |
| 42 | if err != nil { |
| 43 | return nil, err |
| 44 | } |
| 45 | |
| 46 | permissions := auth.GetClaims(ctx).ProjectPermissions(ctx, proj.OrganizationID, proj.ID) |
| 47 | if !permissions.ManageProvisionerResources { |
| 48 | return nil, status.Error(codes.PermissionDenied, "not allowed to manage provisioner resources") |
| 49 | } |
| 50 | |
| 51 | // If the resource is OK, return it immediately. |
| 52 | res, err := s.admin.DB.FindProvisionerResourceByTypeAndName(ctx, depl.ID, req.Type, req.Name) |
| 53 | if err != nil && !errors.Is(err, database.ErrNotFound) { |
| 54 | return nil, err |
| 55 | } |
| 56 | if res != nil && res.Status == database.ProvisionerResourceStatusOK { |
| 57 | return &adminv1.ProvisionResponse{ |
| 58 | Resource: provisionerResourceToPB(res), |
| 59 | }, nil |
| 60 | } |
| 61 | |
| 62 | // Try or retry provisioning the resource. |
| 63 | org, err := s.admin.DB.FindOrganization(ctx, proj.OrganizationID) |
| 64 | if err != nil { |
| 65 | return nil, err |
| 66 | } |
| 67 | typ := provisioner.ResourceType(req.Type) |
| 68 | if !typ.Valid() { |
| 69 | return nil, status.Errorf(codes.InvalidArgument, "invalid type %q", req.Type) |
| 70 | } |
| 71 | annotations := s.admin.NewDeploymentAnnotations(org, proj, depl.Environment) |
| 72 | res, err = s.admin.Provision(ctx, &admin.ProvisionOptions{ |
| 73 | DeploymentID: depl.ID, |
| 74 | Type: typ, |
| 75 | Name: req.Name, |
| 76 | Provisioner: "", // Means it should find a suitable provisioner |
nothing calls this directly
no test coverage detected